430e184603e7b9e813d4977fa6bea500767c647b4526fd3405c297482c355432 | Triage

Sharing

General

Target

4142cadae4e3f428cdc72dca19a5db59.elf
Size

45KB
Sample

230211-krldzsbc5v
MD5

4142cadae4e3f428cdc72dca19a5db59
SHA1

70f0a4aae0cbe71e53d5af65e35c8a53cc6b1e90
SHA256

430e184603e7b9e813d4977fa6bea500767c647b4526fd3405c297482c355432
SHA512

953935bab1b781943ad8ee14cf84815244877e76cfa8ea4504f5019e7e8f6f93521b5d0eaeadb6a11f86369bba7f2981386d487e5addd2fef2432b1e0099f7e1
SSDEEP

768:D/TYCoIxdEk+AxoTZAZHFeq8b3Pt9q3UELbUXfi6nVMQHI4vcGpvT:DECFd+A6YHAxoLRQZT

Score

9^/10

Malware Config

Targets

- Target
  
  4142cadae4e3f428cdc72dca19a5db59.elf
- Size
  
  45KB
- MD5
  
  4142cadae4e3f428cdc72dca19a5db59
- SHA1
  
  70f0a4aae0cbe71e53d5af65e35c8a53cc6b1e90
- SHA256
  
  430e184603e7b9e813d4977fa6bea500767c647b4526fd3405c297482c355432
- SHA512
  
  953935bab1b781943ad8ee14cf84815244877e76cfa8ea4504f5019e7e8f6f93521b5d0eaeadb6a11f86369bba7f2981386d487e5addd2fef2432b1e0099f7e1
- SSDEEP
  
  768:D/TYCoIxdEk+AxoTZAZHFeq8b3Pt9q3UELbUXfi6nVMQHI4vcGpvT:DECFd+A6YHAxoLRQZT
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1